Friday, September 13, 2013

There is a saying that says, when it comes to government, they've got you coming and going.

No truer words are spoken when the subject comes to serial invasions of your privacy. Not only is the National Security Agency monitoring your every electronic communication, but the agency is paying your tech company and Internet service provider to hack you as well.

According to Britain's The Guardian newspaper, which broke the story of massive NSA spying earlier this year:

U.S. and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.

If need be, the use of 'brute force' to break encryption

In other words, those little privacy spiels that social media and tech companies put on their sites to "assure you" that your privacy is "guaranteed" - are lies. And what's more, they are government-sanctioned lies.

The files that Snowden - who is currently in Russia, having been granted temporary political asylum by President Vladimir Putin - provided show that the agencies use a number of methods in their systematic, continual assault on what they perceive as one of the biggest threats to their ability to access billions of bytes of Internet traffic - "the use of ubiquitous encryption across the Internet."

The paper said the methods include covert measures ensuring NSA control over the establishment of international encryption standards, use of supercomputers to break encryption protocols and protections using "brute force," and - the most closely guarded of all secrets - "collaboration with technology companies and Internet service providers themselves."

Through the establishment of these covert and unconstitutional partnerships - private firms have as much legal obligation to protect your privacy as the government does - these agencies have had placed into commercial encryption software the ability to penetrate it in what are known as "backdoors" or "trapdoors."

According to the files provided by Snowden:

-- A decade-long NSA program targeting encryption technologies made a huge breakthrough in 2010, which then made "vast amounts" of data collected through Internet cable taps finally "exploitable."

-- The NSA spends $250 million taxpayer dollars annually on a program that, among other goals, works through tech companies to "covertly influence" the design of their products.

-- The secrecy of the programs' capabilities to thwart encryption is extremely closely guarded, and analysts are warned: "Do not ask about or speculate on sources or methods."

-- The NSA describes its strong decryption programs as the "price of admission for the U.S. to maintain unrestricted access to and use of cyberspace."

-- A GCHQ team has been developing ways to access encrypted traffic on each of the "big four" service providers: Hotmail, Google, Yahoo and Facebook.

As usual, both agencies insist they need to defeat all encryption in order to maintain national security and combat terrorism and the ability of foreign governments to gather intelligence.

But, of course, there is another aspect to this, and security experts have pointed it out: The agencies are attacking the essence of the Internet itself, as well as the privacy of all of its users.

'We had to comply'

"Cryptography forms the basis for trust online," Bruce Schneier, an encryption specialist and fellow at Harvard's Berkman Center for Internet and Society, told The Guardian. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet."

Classified briefings between the agencies celebrate their success at "defeating network security and privacy," he said.

"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," a 2010 GCHQ document stated. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

The paper and others have also reported previously that Microsoft has cooperated with NSA to circumvent encryption in its Outlook mail program, saying it was obliged to comply with "existing or future lawful demands" when designing its products.